SourceForge is investigating how a corrupted copy of phpMyAdmin came to be served from a Korean-based mirror. 400 users downloaded the malicious file before it was removed from rotation today. The database administration tool is used for the open-sourced, Web-based MySQL. The corrupted copy included malicious code allowing arbitrary commands by the Web server user. Officials believe at present only the PHPMyAdmin-3.5.2.2-all-languages.zip package was affected.
Source: https://threatpost.com/sourceforge-investigates-backdoor-code-found-copy-phpmyadmin-092512/77049/